In January a serious 0-day was reported in Java which if exploited would allow hackers to execute code remotely thereby granting them complete control of the affected system. Oracle did rush to patch the vulnerability but, hackers were also at work to develop a fake security update that pretends to be a genuine one promising to patch the vulnerability.